RobFIT
Posted July 19

Hello, I am constantly receiving this detection. I know this has also been marked as a vulnerability --> NVD - CVE-2015-2291 (nist.gov)

C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\NIC_Intel_Firmware\iqvw64e.sys;Win64/Intel.A potentially unsafe application;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\miniunz.exe

Upgraded the Endpoint version and scanned; detections are deleted but it recurs. There's no DUP (Dell Update Package), and the NIC is a Broadcom, not an Intel. Please advise how to clean it up once and for all.
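An added example, not part of any post in this thread: the detection record quoted above, parsed to show which process dropped the driver and how often the same dropper recurs. The field names, the assumption that the GUID-named folder changes between recurrences, and the second sample record are constructed for illustration; the field order is inferred from the single record in the post.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Field order inferred from the one record quoted in the thread; the names
# are labels chosen for this example, not ESET's own column names.
FIELDS = ("path", "detection", "action", "user", "info")
CREATOR_RE = re.compile(r"new file created by the application:\s*(.+)$")
GUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

def parse_record(line):
    """Split one semicolon-delimited detection record into a dict."""
    parts = [p.strip() for p in line.split(";", len(FIELDS) - 1)]
    if len(parts) != len(FIELDS):
        raise ValueError("unexpected field count: %d" % len(parts))
    rec = dict(zip(FIELDS, parts))
    m = CREATOR_RE.search(rec["info"])
    rec["creator"] = m.group(1).strip() if m else None
    return rec

def staging_dir(rec):
    """Return the GUID-named folder holding both dropper and dropped file, else None."""
    if not rec["creator"]:
        return None
    parent = PureWindowsPath(rec["creator"]).parent
    target = PureWindowsPath(rec["path"])
    if GUID_RE.match(parent.name) and parent in target.parents:
        return str(parent)
    return None

def summarize(lines):
    """Count detections per (creator image, detected file, user), ignoring folder names."""
    counts = Counter()
    for line in lines:
        rec = parse_record(line)
        creator = PureWindowsPath(rec["creator"]).name if rec["creator"] else "?"
        counts[(creator, PureWindowsPath(rec["path"]).name, rec["user"])] += 1
    return counts

# Template copied from the record in the post. The first GUID is the one in the
# post; the second is constructed to model the recurrence the poster describes.
_REC = (r"C:\Windows\Temp\{g}\NIC_Intel_Firmware\iqvw64e.sys;Win64/Intel.A potentially "
        r"unsafe application;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred on a "
        r"new file created by the application: C:\Windows\Temp\{g}\miniunz.exe")
SAMPLE = [_REC.format(g=g) for g in ("a1d4d890-a36f-4104-8dfa-041c3f82fd6d",
                                     "00000000-1111-2222-3333-444444444444")]
```

Grouping by creator image and user rather than by full path keeps recurrences together even when the temp folder name differs each time, which points the cleanup at whatever launches miniunz.exe as SYSTEM rather than at the deleted driver file.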
Marcos (Administrators)
Posted July 19

If the application miniunz.exe is trusted and you run it on purpose, you can create a detection exclusion for the detected file. It can be misused only when used by an attacker or malware.
RobFIT (Author)
Posted July 19

56 minutes ago, Marcos said:
> If the application miniunz.exe is trusted and you run it on purpose, you can create a detection exclusion for the detected file. It can be misused only when used by an attacker or malware.

Thanks for your reply, Marcos. But it's auto-downloading/installing; I never run miniunz.exe. Just wanted to know if this might be a false positive?
itman (Solution)
Posted July 19

3 hours ago, RobFIT said:
> But it's auto-downloading/installing; I never run miniunz.exe

Copy the hash value from the entry ESET quarantined. Then go to VirusTotal.com and perform a scan based on the hash value. If there are multiple AV vendor detections at VT, assume the file being downloaded is malicious.

CVE-2015-2291 tracks to an Intel Ethernet diagnostic driver vulnerability. I have linked Intel's article about it, which includes a patched updated driver: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html . I suggest you apply the driver update ASAP.
RobFIT (Author)
Posted July 22

On 7/19/2022 at 4:56 PM, itman said:
> Copy the hash value from the entry ESET quarantined. Then go to VirusTotal.com and perform a scan based on the hash value. If there are multiple AV vendor detections at VT, assume the file being downloaded is malicious. CVE-2015-2291 tracks to an Intel Ethernet diagnostic driver vulnerability. I have linked Intel's article about it, which includes a patched updated driver: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html . I suggest you apply the driver update ASAP.

Thanks, buddy. Will test it. Sorry for the late reply.